cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
513
Views
0
Helpful
2
Replies

SMTP PROBLEM

soumik1979
Beginner
Beginner

Dear all

i am a network administrator of a small comp.Today we have faced a strange Problem

                         Internet leased line------------  Router---- catalystswitch -----External Servers and IP devices

                                                                          |         |                                                  

                                                                          |         |                                                   

                                                                          |         |

                                                      Cyberoam UTM       |

                                                                          |         |

                                                                          |         |

                                        Lan internet and mail users     |

                                                                                     |

                                                                                ASA 5510

                                                                                      |

                                                                                      |

                                                                 Lan high end users and servers internet access

Every thing was working fine.But today I fond that our mail users are unable to send mail.They can receive mail, but unable to send.I checked that telnet mail.domainname.com 25 was not connecting from any of the lan users who have gateway as asa 55510 Ip or cyberoam IP.But when I telnet from a external server, it was working.No conf change was done recently.Some how both of my firewalls deny the smtp traffic.Can any body help me regarding that.

Please help me .If you want any more feedback plz let me know.

2 Replies 2

mirober2
Cisco Employee
Cisco Employee

Hello,

If the ASA is blocking the traffic, you can check the syslogs to find out the reason. You can also use the packet-tracer command to see why the traffic would be dropped:

packet-tracer in inside tcp 12345 25

Interface and ASP drop captures on the ASA may also help you see why the connection is failing. Here is a guide that describes how to setup captures on the ASA:

https://supportforums.cisco.com/docs/DOC-1222

Hope that helps.

-Mike

As Mike has rightly pointed out, that you need to apply packet captures to actually check whether the traffic for port 25 is reaching the firewall itself from the internal LAN. If it is, the you need to apply captures on the external interface to check if it is leaving the firewall. Also, we could check if you firewall is inspecting smtp traffic and whether the inspection is causing issues. To check this, you can issue the command "sh run policy-map" and "sh service-policy". It would be good if you could attach those outputs to this string.

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: